Overview:

In today’s complex environment, network security management can become overly time consuming and prone to error if management solutions are slow, unintuitive, or restricted in their level of granularity, control, and visibility. Junos Space Security Director provides security policy management for all physical, logical, and virtual firewalls (SRX Series Services Gateways and vSRX) through an intuitive, centralized, web-based interface that offers enforcement across emerging and traditional risk vectors.

With the addition of Policy Enforcer, Security Director automatically updates policies based on threats identified by Sky Advanced Threat Prevention malware detection in the cloud, as well as those found by onpremises threat intelligence solutions. Updated policies are then distributed to enforcement points such as firewalls and switches, ensuring up-to-theminute network protection.

The Security Director dashboard provides customizable, information-rich widgets offering visually intuitive displays that report security device status at a glance. A pallet allows you to easily navigate between firewall, threat, intrusion prevention system (IPS), application, throughput and device-related information, which can be used to create a customized view of the Juniper Networks SRX Series Services Gateways firewall environment. Through the dashboard, you can quickly determine which SRX Series devices have the most alarms, or which have consumed the most CPU cycles or RAM for a specific time period. A Threat Map widget shows the number of IPS events detected per geographic location, giving you industry-leading information gathering and remediation capabilities.

Figure 1: Junos Space Security Director dashboard

Figure 2: Application Visibility dashboard feature

Drilling down on widgets, users can sort and search various events to effortlessly obtain detailed information such as top viruses blocked, top destinations, top sources, and other details that can be used to ensure that the network is safe.

Security Director offers the industry’s most innovative solution for managing the application, user, and IP environment. Network administrators can choose between three different views to see how applications and users are affecting the network, observe bandwidth utilization levels, or determine the number of sessions created. Granular usage details, such as which applications are the riskiest, can be viewed. Top talkers are easy to identify and remediate. Different time frames can also be compared to determine when utilization is typically at its peak.

Unlike other products, Security Director does not require users to run multiple reports or open multiple tabs and then manually analyze the data to determine who is using which applications and to what extent. Instead, Security Director allows administrators to easily correlate users to applications by simply selecting an application icon or a user/user group icon.

Blocking traffic from a specific country is also easy and intuitive. Using Security Director’s Live Threat Map, it’s not only possible to see where threats are originating, you can also block traffic coming from or going to a selected geographic location.

Actionable Intelligence

With most security management solutions, administrators have to run a report or open several tabs to find the applications or users they want to manage. Then they must manually create the required firewall rules, determine where to place those rules, and hope they don’t conflict with any existing rules, thereby creating a host of new problems. This is a tedious, time-consuming, and error-prone process.

Security Director offers an Actionable Intelligence feature that eliminates the need to engage in this antiquated exercise. Using Actionable Intelligence, administrators can select one or more applications or user/user groups from the Application Visibility or User Visibility charts, then simply select “Block.” Security Director automatically creates the requested rule or rules and deploys them in the optimal location within the rules base, avoiding any anomalies and taking the guesswork out of managing the application and user environment.

Displays where threats are originating in near real time and allows you to take action to stop them.

Provides near real-time insight into network-related threats. Allows you to block traffic going to or coming from a specific country with a single click.

Innovative application visibility and management

Provides an easy and intuitive way to see which applications use the most bandwidth, have the most sessions, or are most at risk. Know which users are accessing non-productive applications and by how much.

Top talkers are displayed in an easy-to-understand manner.

Block applications, IP address, and users with a simple mouse click.

Delivers greater visibility, enforcement, control, and protection over the network.

Simplified threat management

Reports where threats are originating and where they are going via a global map. Blocking a country is easy; simply mouse over the country to take action.

Provides insight needed to effectively manage networkrelated threats. Allows you to block traffic going to or coming from a specific country with a single click.

Snapshot support

Allows users to snapshot, compare, and roll back configuration versions.

Eases administration by unifying common policy tasks within a single interface.

Reduces errors by enabling reuse of policies across multiple devices.

Drag-and-drop

Allows firewall, IPS, and NAT rules to be reordered by simply dragging them to a new location.

Enables firewall, IPS, and NAT objects to be added or copied by dragging them from one cell to another, or from a pallet located at the bottom of the policy table.

VPN auto provisioning and import

Simply tell Security Director which VPN topology to use and which devices you want to participate in the topology, and Security Director will auto-provision the tunnels. If you have an existing Juniper VPN environment, Security Director can import the VPNs to provide an easy and effective way to manage them.

Makes pre-existing SRX Series VPNs easier to manage.

Role-based access for policies and objects

Allows devices, policies, and objects to be placed within domains and assigns read/write permissions to a user.

Provides customers a way to segment administrative responsibility for policies and objects.

REST APIs for automation

Provides RESTful APIs that can be used in conjunction with automation tools.

Automates configuration and management of physical, logical, or virtual SRX Series devices.